Merge branch 'mbedtls'

Replace Crypto++ 5.6.2 with Mbed TLS 3.6.0 Newer compilers are starting to show the age of the crypto library we've been using, as it is sometimes a pain to recompile compass lately. So, the tracked version of Crypto++ was at least due for an upgrade. However, I plan to soon begin reimplementing compass in C. So, I'm taking this opportunity to first just migrate the cryptography library to a newer C alternative. This branch does so, and integrates its use into the current C++ version of compass. * mbedtls: Remove unnecessary exception handler catch block Refactor random password generation to use mbedtls entropy source Refactor SHA256 function to use mbedtls Refactor AES functions to use mbedtls Add Mbedtls library Remove Crypto++ library
author: Malfurious <m@lfurio.us> 2024-10-24 06:44:24 -0400
committer: Malfurious <m@lfurio.us> 2024-10-24 06:44:24 -0400
commit: 512aa4c77b3dc0d72db713a9215ff65a98a99ec3 (patch)
tree: 6db82e0109dc987b5b021f81d4e8a0926eb75ff7 /cryptopp562/modes.cpp
parent: 428471d39fb8c205a9fad899c88c30a2cb7df685 (diff)
parent: 10affea371406c0ae4c080e5a19390a8e9bd154b (diff)
download: compass-512aa4c77b3dc0d72db713a9215ff65a98a99ec3.tar.gz
compass-512aa4c77b3dc0d72db713a9215ff65a98a99ec3.zip
1 files changed, 0 insertions, 245 deletions
diff --git a/cryptopp562/modes.cpp b/cryptopp562/modes.cpp
deleted file mode 100644
index 4633228..0000000
--- a/cryptopp562/modes.cpp
+++ /dev/null
@@ -1,245 +0,0 @@
-// modes.cpp - written and placed in the public domain by Wei Dai
-
-#include "pch.h"
-
-#ifndef CRYPTOPP_IMPORTS
-
-#include "modes.h"
-
-#ifndef NDEBUG
-#include "des.h"
-#endif
-
-NAMESPACE_BEGIN(CryptoPP)
-
-#ifndef NDEBUG
-void Modes_TestInstantiations()
-{
-	CFB_Mode<DES>::Encryption m0;
-	CFB_Mode<DES>::Decryption m1;
-	OFB_Mode<DES>::Encryption m2;
-	CTR_Mode<DES>::Encryption m3;
-	ECB_Mode<DES>::Encryption m4;
-	CBC_Mode<DES>::Encryption m5;
-}
-#endif
-
-void CFB_ModePolicy::Iterate(byte *output, const byte *input, CipherDir dir, size_t iterationCount)
-{
-	assert(m_cipher->IsForwardTransformation());	// CFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
-	assert(m_feedbackSize == BlockSize());
-
-	unsigned int s = BlockSize();
-	if (dir == ENCRYPTION)
-	{
-		m_cipher->ProcessAndXorBlock(m_register, input, output);
-		m_cipher->AdvancedProcessBlocks(output, input+s, output+s, (iterationCount-1)*s, 0);
-		memcpy(m_register, output+(iterationCount-1)*s, s);
-	}
-	else
-	{
-		memcpy(m_temp, input+(iterationCount-1)*s, s);	// make copy first in case of in-place decryption
-		m_cipher->AdvancedProcessBlocks(input, input+s, output+s, (iterationCount-1)*s, BlockTransformation::BT_ReverseDirection);
-		m_cipher->ProcessAndXorBlock(m_register, input, output);
-		memcpy(m_register, m_temp, s);
-	}
-}
-
-void CFB_ModePolicy::TransformRegister()
-{
-	assert(m_cipher->IsForwardTransformation());	// CFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
-	m_cipher->ProcessBlock(m_register, m_temp);
-	unsigned int updateSize = BlockSize()-m_feedbackSize;
-	memmove_s(m_register, m_register.size(), m_register+m_feedbackSize, updateSize);
-	memcpy_s(m_register+updateSize, m_register.size()-updateSize, m_temp, m_feedbackSize);
-}
-
-void CFB_ModePolicy::CipherResynchronize(const byte *iv, size_t length)
-{
-	assert(length == BlockSize());
-	CopyOrZero(m_register, iv, length);
-	TransformRegister();
-}
-
-void CFB_ModePolicy::SetFeedbackSize(unsigned int feedbackSize)
-{
-	if (feedbackSize > BlockSize())
-		throw InvalidArgument("CFB_Mode: invalid feedback size");
-	m_feedbackSize = feedbackSize ? feedbackSize : BlockSize();
-}
-
-void CFB_ModePolicy::ResizeBuffers()
-{
-	CipherModeBase::ResizeBuffers();
-	m_temp.New(BlockSize());
-}
-
-void OFB_ModePolicy::WriteKeystream(byte *keystreamBuffer, size_t iterationCount)
-{
-	assert(m_cipher->IsForwardTransformation());	// OFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
-	unsigned int s = BlockSize();
-	m_cipher->ProcessBlock(m_register, keystreamBuffer);
-	if (iterationCount > 1)
-		m_cipher->AdvancedProcessBlocks(keystreamBuffer, NULL, keystreamBuffer+s, s*(iterationCount-1), 0);
-	memcpy(m_register, keystreamBuffer+s*(iterationCount-1), s);
-}
-
-void OFB_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length)
-{
-	assert(length == BlockSize());
-	CopyOrZero(m_register, iv, length);
-}
-
-void CTR_ModePolicy::SeekToIteration(lword iterationCount)
-{
-	int carry=0;
-	for (int i=BlockSize()-1; i>=0; i--)
-	{
-		unsigned int sum = m_register[i] + byte(iterationCount) + carry;
-		m_counterArray[i] = (byte) sum;
-		carry = sum >> 8;
-		iterationCount >>= 8;
-	}
-}
-
-void CTR_ModePolicy::IncrementCounterBy256()
-{
-	IncrementCounterByOne(m_counterArray, BlockSize()-1);
-}
-
-void CTR_ModePolicy::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
-{
-	assert(m_cipher->IsForwardTransformation());	// CTR mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
-	unsigned int s = BlockSize();
-	unsigned int inputIncrement = input ? s : 0;
-
-	while (iterationCount)
-	{
-		byte lsb = m_counterArray[s-1];
-		size_t blocks = UnsignedMin(iterationCount, 256U-lsb);
-		m_cipher->AdvancedProcessBlocks(m_counterArray, input, output, blocks*s, BlockTransformation::BT_InBlockIsCounter|BlockTransformation::BT_AllowParallel);
-		if ((m_counterArray[s-1] = lsb + (byte)blocks) == 0)
-			IncrementCounterBy256();
-
-		output += blocks*s;
-		input += blocks*inputIncrement;
-		iterationCount -= blocks;
-	}
-}
-
-void CTR_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length)
-{
-	assert(length == BlockSize());
-	CopyOrZero(m_register, iv, length);
-	m_counterArray = m_register;
-}
-
-void BlockOrientedCipherModeBase::UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs &params)
-{
-	m_cipher->SetKey(key, length, params);
-	ResizeBuffers();
-	if (IsResynchronizable())
-	{
-		size_t ivLength;
-		const byte *iv = GetIVAndThrowIfInvalid(params, ivLength);
-		Resynchronize(iv, (int)ivLength);
-	}
-}
-
-void ECB_OneWay::ProcessData(byte *outString, const byte *inString, size_t length)
-{
-	assert(length%BlockSize()==0);
-	m_cipher->AdvancedProcessBlocks(inString, NULL, outString, length, BlockTransformation::BT_AllowParallel);
-}
-
-void CBC_Encryption::ProcessData(byte *outString, const byte *inString, size_t length)
-{
-	if (!length)
-		return;
-	assert(length%BlockSize()==0);
-
-	unsigned int blockSize = BlockSize();
-	m_cipher->AdvancedProcessBlocks(inString, m_register, outString, blockSize, BlockTransformation::BT_XorInput);
-	if (length > blockSize)
-		m_cipher->AdvancedProcessBlocks(inString+blockSize, outString, outString+blockSize, length-blockSize, BlockTransformation::BT_XorInput);
-	memcpy(m_register, outString + length - blockSize, blockSize);
-}
-
-void CBC_CTS_Encryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length)
-{
-	if (length <= BlockSize())
-	{
-		if (!m_stolenIV)
-			throw InvalidArgument("CBC_Encryption: message is too short for ciphertext stealing");
-
-		// steal from IV
-		memcpy(outString, m_register, length);
-		outString = m_stolenIV;
-	}
-	else
-	{
-		// steal from next to last block
-		xorbuf(m_register, inString, BlockSize());
-		m_cipher->ProcessBlock(m_register);
-		inString += BlockSize();
-		length -= BlockSize();
-		memcpy(outString+BlockSize(), m_register, length);
-	}
-
-	// output last full ciphertext block
-	xorbuf(m_register, inString, length);
-	m_cipher->ProcessBlock(m_register);
-	memcpy(outString, m_register, BlockSize());
-}
-
-void CBC_Decryption::ProcessData(byte *outString, const byte *inString, size_t length)
-{
-	if (!length)
-		return;
-	assert(length%BlockSize()==0);
-
-	unsigned int blockSize = BlockSize();
-	memcpy(m_temp, inString+length-blockSize, blockSize);	// save copy now in case of in-place decryption
-	if (length > blockSize)
-		m_cipher->AdvancedProcessBlocks(inString+blockSize, inString, outString+blockSize, length-blockSize, BlockTransformation::BT_ReverseDirection|BlockTransformation::BT_AllowParallel);
-	m_cipher->ProcessAndXorBlock(inString, m_register, outString);
-	m_register.swap(m_temp);
-}
-
-void CBC_CTS_Decryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length)
-{
-	const byte *pn, *pn1;
-	bool stealIV = length <= BlockSize();
-
-	if (stealIV)
-	{
-		pn = inString;
-		pn1 = m_register;
-	}
-	else
-	{
-		pn = inString + BlockSize();
-		pn1 = inString;
-		length -= BlockSize();
-	}
-
-	// decrypt last partial plaintext block
-	memcpy(m_temp, pn1, BlockSize());
-	m_cipher->ProcessBlock(m_temp);
-	xorbuf(m_temp, pn, length);
-
-	if (stealIV)
-		memcpy(outString, m_temp, length);
-	else
-	{
-		memcpy(outString+BlockSize(), m_temp, length);
-		// decrypt next to last plaintext block
-		memcpy(m_temp, pn, length);
-		m_cipher->ProcessBlock(m_temp);
-		xorbuf(outString, m_temp, m_register, BlockSize());
-	}
-}
-
-NAMESPACE_END
-
-#endif
author	Malfurious <m@lfurio.us>	2024-10-24 06:44:24 -0400
committer	Malfurious <m@lfurio.us>	2024-10-24 06:44:24 -0400
commit	512aa4c77b3dc0d72db713a9215ff65a98a99ec3 (patch)
tree	6db82e0109dc987b5b021f81d4e8a0926eb75ff7 /cryptopp562/modes.cpp
parent	428471d39fb8c205a9fad899c88c30a2cb7df685 (diff)
parent	10affea371406c0ae4c080e5a19390a8e9bd154b (diff)
download	compass-512aa4c77b3dc0d72db713a9215ff65a98a99ec3.tar.gz compass-512aa4c77b3dc0d72db713a9215ff65a98a99ec3.zip